Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    12/06/2024, 22:56

General

  • Target

    a2cf05d87b0cfd7149287f003b383b35_JaffaCakes118.exe

  • Size

    784KB

  • MD5

    a2cf05d87b0cfd7149287f003b383b35

  • SHA1

    1ada1a29a6736ed7a94d332fff4911d314c6e800

  • SHA256

    69762813ce27fe79c560fb43e2bca400b5b09af2b48d525e91bb41031ca0d1bc

  • SHA512

    ef1573c899ddf581da3aebbd6a9d4b680784087e663da332dbc70712e0b2cf85620e7e14a9e51f24793451e38a50ec0fbc536b0e7f5fa1d693c7b4513059b013

  • SSDEEP

    12288:4NLZ/0ZzhEtGOPnA7Bx3+J2FT9/CZ0w100eWnzD/2hqCC6LejPE:4NR2zaQBt37/CZ0w1PeWnzqhqCC6+PE

Score
1/10

Malware Config

Signatures

  • Script User-Agent 1 IoCs

    Uses user-agent string associated with script host/environment.

  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a2cf05d87b0cfd7149287f003b383b35_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a2cf05d87b0cfd7149287f003b383b35_JaffaCakes118.exe"
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:3032

Network

MITRE ATT&CK Matrix
